|
Hello,
I've tried adding "asterisk" lines but nothing changes: =====imapd.conf==== sasl_pwcheck_method: saslauthd sasl_mech_list: PLAIN *sasl_minimum_layer: 0 =====saslauthd.conf===== ldap_servers: ldap://ldap.ldaptest.com:389/ ldap://srv-ln-repli1.ldaptest:389/ ldap_search_base: ou=pre_test,dc=org ldap_bind_dn: cn=admin ldap_password: password ldap_scope: sub ldap_filter: (|(cn=%U@%d)(uid=%u)) *ldap_auth_method: plain I'm still not able to log in# #imtest -m plain 192.168.1.5 -a test-adm S: * OK Cyrus IMAP4 v2.2.12-Invoca-RPM-2.2.12-19 server ready C: C01 CAPABILITY S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND BINARY SORT THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMORE IDLE LISTEXT LIST-SUBSCRIBED X-NETSCAPE S: C01 OK Completed [Server did not advertise AUTH=PLAIN] Authentication failed. generic failure Security strength factor: 0 Regards. Manel Gimeno Zaragoza magiza83@xxxxxxxxxxx From: magiza83@xxxxxxxxxxx To: awilliam@xxxxxxxxxxxxx; info-cyrus@xxxxxxxxxxxxxxxxxxxx Subject: RE: Allow PLAIN login cyrus 2.2.12 Date: Mon, 13 Feb 2012 12:55:27 +0100
Hello,
I've noticed that if I do imtest from remote host I get different exit: #imtest -m plain 192.168.1.5 -a cyrus S: * OK Cyrus IMAP4 v2.2.12-Invoca-RPM-2.2.12-19 server ready C: C01 CAPABILITY S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND BINARY SORT THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMORE IDLE LISTEXT LIST-SUBSCRIBED X-NETSCAPE S: C01 OK Completed [Server did not advertise AUTH=PLAIN] Authentication failed. generic failure Security strength factor: 0 Anyway I answer your questions underline. >> I'm trying to migrate mailbox from "cyrus-imapd-2.2.12-19" to >> "cyrus-imapd-2.4.13-1.el6.x86_64" using imapsync. >> The login is through ldap but the problem is that I can not login >> through admin user to the cyrus old version (2.2.12). It shows me the >> following error: >> "Error login: [192.168.1.5] with user [test-adm] auth [PLAIN]: 2 NO >> encryption needed to use mechanism" >> S: L01 NO Login failed: authentication failure >> Authentication failed. generic failure >> Security strength factor: 0 >> I've created a test environment and there I have no problems as cyrus >> i allowing auth plain. > >Do you have "allowplaintext: 1" in imapd.conf? There is also >"sasl_minimum_layer". I've "allowplaintext: 1" defined, but I do not "sasl_minimum_layer" and I'm not sure about the value of this parameter. >> #imtest -m plain 192.168.1.6 -a test-adm >> S: * OK [CAPABILITY IMAP4rev1 LITERAL+ ID ENABLE AUTH=PLAIN >> SASL-IR] cyrus3-test Cyrus IMAP v2.4.13-Invoca-RPM-2.4.13-1.el6 server >> ready > >Are you authenticating via saslauthd [since you are using PLAIN]? If so >can you suceed with testsaslauthd -u .... ? I can connect via testsaslauthd: #testsaslauthd -u test-adm -p password 0: OK "Success." >> I've tried to configure old cyrus with the same parameters but it >> doesn't work. I've added the following line to imapd.conf but nothing >> change, I get the same response without AUTH=PLAIN >> sasl_mech_list: PLAIN > >Are you sude your LDAP connection is configured the same way? [OpenLDAP >uses the SSF concept too]. Perhaps you certificates are expired or >misconfigured [permissions]? I guess LDAP is correctly configured as new cyrus server is connecting to the same LDAP server and it works (I've no acces to LDAP configuration) >> I don't know if I need to force plain login in saslauthd.conf as well, >> or if there is some parameter that I should specify because in old >> versions it's needed. Manel Gimeno Zaragoza magiza83@xxxxxxxxxxx ---- Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/ |
---- Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
